Amazon infrastructure services (Amazon EC2, Amazon S3, Amazon EBS, and Amazon VPC) form the backbone platform for hundreds of thousands of AWS customers. In this hands-on workshop we will take you to walk through these infrastructure services and how you can use them to match capacity and costs requirement. This hands-on workshop is designed to combine best practices with the sharing of practical implementation experience.
In this session, we will explore common use cases for (server based or generally load balanced) workloads in AWS and how they compare with the on-prem deployment patterns. you will learn the architectural patterns and line of thinking for deploying security perimeters and segmentation across a multiple account/vpc strategy, Edge security. also, you how you can make sure the pattern you develop will be applied uniformly across your current and future environments.
Module 2 AWS Foundational Services - AWSome Day Online Conference Amazon Web Services
Â
Module 2: AWS Infrastructure â Compute, Storage and Networking
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
Module 2: Core AWS Compute and Storage Services - Virtual AWSome Day June 2018Amazon Web Services
Â
Module 2: Core AWS Compute Services (EC2, ELBm, AutoScaling, and EBS) and Storage Services (S3, RDS, and DynamoDB)
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Amazon Web Services
Â
In this advanced workshop, we dive deep on the different networking options for deploying containers at production scale across Amazon EC2, Amazon ECS, and Amazon EKS. We also review architectural best practices and the different relevant industry standards that are leveraged within these services. This workshop includes hands-on labs to facilitate a better understanding of the networking underpinnings of the various container deployment options. We recommend you bring your own laptop.
In this session, we will explore common use cases for (server based or generally load balanced) workloads in AWS and how they compare with the on-prem deployment patterns. you will learn the architectural patterns and line of thinking for deploying security perimeters and segmentation across a multiple account/vpc strategy, Edge security. also, you how you can make sure the pattern you develop will be applied uniformly across your current and future environments.
Module 2 AWS Foundational Services - AWSome Day Online Conference Amazon Web Services
Â
Module 2: AWS Infrastructure â Compute, Storage and Networking
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
Module 2: Core AWS Compute and Storage Services - Virtual AWSome Day June 2018Amazon Web Services
Â
Module 2: Core AWS Compute Services (EC2, ELBm, AutoScaling, and EBS) and Storage Services (S3, RDS, and DynamoDB)
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Deep Dive on Container Networking at Scale on Amazon EKS, Amazon ECS, & Amazo...Amazon Web Services
Â
In this advanced workshop, we dive deep on the different networking options for deploying containers at production scale across Amazon EC2, Amazon ECS, and Amazon EKS. We also review architectural best practices and the different relevant industry standards that are leveraged within these services. This workshop includes hands-on labs to facilitate a better understanding of the networking underpinnings of the various container deployment options. We recommend you bring your own laptop.
AWS SSA Webinar 12 - Getting started on AWS with ContainersCobus Bernard
Â
In this session, we will look a the building blocks available on AWS for Compute, Storage and Networking. It will focus on providing and overview how what each service is used for to prepare the attendee for the 3 followup sessions where each of the 3 categories will be covered in more detail.
Best Practices for Implementing Your Encryption Strategy Using AWS Key Manage...Amazon Web Services
Â
AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and manage the encryption keys used to encrypt your data. In this session, we will dive deep into best practices learned by implementing AWS KMS at AWSâ largest enterprise clients. We will review the different capabilities described in the AWS Cloud Adoption Framework (CAF) Security Perspective and how to implement these recommendations using AWS KMS. In addition to sharing recommendations, we will also provide examples that will help you protect sensitive information on the AWS Cloud.
Module 2: AWS Infrastructure â Compute, Storage and Networking - AWSome Day O...Amazon Web Services
Â
Module 2: AWS Infrastructure â Compute, Storage and Networking
This module will cover:
Modern Data Center Design Models
Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
Storage Concepts including Amazon Simple Storage Service (S3)
Networking Concepts
Amazon Virtual Private Cloud (VPC) concepts
In this presentation from the AWS User Group UK meetup in November 2014 I recap the new AWS services that were launched and announced at AWS re:Invent 2014.
Module 1: AWS Cloud Concepts, VPC, and Security Groups - Virtual AWSome Day J...Amazon Web Services
Â
Module 1: AWS Cloud Concepts / Infrastructure, VPC, and Security Groups
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
AWS launched publicly on March 2006 with just one service, starting the age of the public cloud. You might think after 15 years everything in cloud has already been invented, but that's simply not the case.
In this session I want to show you how AWS is reinventing the cloud in areas like computing, machine learning, databases and analytics, or cloud infrastructure.
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...Amazon Web Services
Â
Module 3: Security, Identity and Access Management
This module will cover:
- Data Center Security
- AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
Â
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
In this session, learn how you evaluate, design, build, and manage distributed applications over hybrid infrastructures using Amazon Web Services. This session follows the evolution of a simple legacy data center expansion with
basic connectivity into managing complex hybrid applications. Along the way, we investigate best practice designs in use by AWS customers. Topics covered include: interconnectivity, availability, security, hybrid networks with Amazon VPC and AWS Direct Connect as well as automated provisioning with AWS CloudFormation, and configuration management with AWS OpsWorks.
Speakers:
Miha Kralj, AWS Solutions Architect
Amarpal S. Attwal, Senior Technical Lead, ICT Engineering, Just Eat
Koen van den Biggelaar, AWS Solutions Architect
Day 2 - Amazon EC2 Masterclass - Getting the most from Amazon EC2Amazon Web Services
Â
Amazon EC2 forms the backbone compute platform for hundreds of thousands of AWS customers, but how do you go beyond starting an instance and manually configuring it? This webinar takes you on a journey starting with the basics of key creation and security groups and ending with an Auto Scaling application driven by dynamic policies. It will explain the tools you need to create an Auto Scaling configuration and show you how to bootstrap an instance.
Reasons to attend:
- Understand how to use Amazon EC2 beyond a simple single instance use case including bootstrap & AMIs.
- Learn how to create Auto Scaling configurations and the tools you need to drive Auto Scaling policies.
- Learn how to use Amazon CloudWatch alarms to trigger actions with Auto Scaling.
Five Steps to Creating a Secure Hybrid Cloud ArchitectureAmazon Web Services
Â
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture on AWS using the VM-Series next-generation firewall.
Do you want to increase your knowledge of AWS core services and launch your first web application on the cloud? In this session, we will start our AWS journey by walk you through some fundamentals and AWS core services including Security, Amazon EC2, Amazon S3, Amazon EBS and Amazon VPC. Followed by introduction of AWS Migration Hub which provides a single location to track migration across multiple AWS and partner solutions, giving you visibility into the status of migrations across your portfolio of applications.
Introduction to AWS products, services, and common solutions. Overview of fundamentals to become more proficient in identifying AWS services to help make informed decisions about IT solutions based on business requirements. Helps you get started working on AWS.
AWS SSA Webinar 12 - Getting started on AWS with ContainersCobus Bernard
Â
In this session, we will look a the building blocks available on AWS for Compute, Storage and Networking. It will focus on providing and overview how what each service is used for to prepare the attendee for the 3 followup sessions where each of the 3 categories will be covered in more detail.
Best Practices for Implementing Your Encryption Strategy Using AWS Key Manage...Amazon Web Services
Â
AWS Key Management Service (KMS) is a managed service that makes it easy for you to create and manage the encryption keys used to encrypt your data. In this session, we will dive deep into best practices learned by implementing AWS KMS at AWSâ largest enterprise clients. We will review the different capabilities described in the AWS Cloud Adoption Framework (CAF) Security Perspective and how to implement these recommendations using AWS KMS. In addition to sharing recommendations, we will also provide examples that will help you protect sensitive information on the AWS Cloud.
Module 2: AWS Infrastructure â Compute, Storage and Networking - AWSome Day O...Amazon Web Services
Â
Module 2: AWS Infrastructure â Compute, Storage and Networking
This module will cover:
Modern Data Center Design Models
Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
Storage Concepts including Amazon Simple Storage Service (S3)
Networking Concepts
Amazon Virtual Private Cloud (VPC) concepts
In this presentation from the AWS User Group UK meetup in November 2014 I recap the new AWS services that were launched and announced at AWS re:Invent 2014.
Module 1: AWS Cloud Concepts, VPC, and Security Groups - Virtual AWSome Day J...Amazon Web Services
Â
Module 1: AWS Cloud Concepts / Infrastructure, VPC, and Security Groups
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
AWS launched publicly on March 2006 with just one service, starting the age of the public cloud. You might think after 15 years everything in cloud has already been invented, but that's simply not the case.
In this session I want to show you how AWS is reinventing the cloud in areas like computing, machine learning, databases and analytics, or cloud infrastructure.
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...Amazon Web Services
Â
Module 3: Security, Identity and Access Management
This module will cover:
- Data Center Security
- AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
Â
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
In this session, learn how you evaluate, design, build, and manage distributed applications over hybrid infrastructures using Amazon Web Services. This session follows the evolution of a simple legacy data center expansion with
basic connectivity into managing complex hybrid applications. Along the way, we investigate best practice designs in use by AWS customers. Topics covered include: interconnectivity, availability, security, hybrid networks with Amazon VPC and AWS Direct Connect as well as automated provisioning with AWS CloudFormation, and configuration management with AWS OpsWorks.
Speakers:
Miha Kralj, AWS Solutions Architect
Amarpal S. Attwal, Senior Technical Lead, ICT Engineering, Just Eat
Koen van den Biggelaar, AWS Solutions Architect
Day 2 - Amazon EC2 Masterclass - Getting the most from Amazon EC2Amazon Web Services
Â
Amazon EC2 forms the backbone compute platform for hundreds of thousands of AWS customers, but how do you go beyond starting an instance and manually configuring it? This webinar takes you on a journey starting with the basics of key creation and security groups and ending with an Auto Scaling application driven by dynamic policies. It will explain the tools you need to create an Auto Scaling configuration and show you how to bootstrap an instance.
Reasons to attend:
- Understand how to use Amazon EC2 beyond a simple single instance use case including bootstrap & AMIs.
- Learn how to create Auto Scaling configurations and the tools you need to drive Auto Scaling policies.
- Learn how to use Amazon CloudWatch alarms to trigger actions with Auto Scaling.
Five Steps to Creating a Secure Hybrid Cloud ArchitectureAmazon Web Services
Â
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture on AWS using the VM-Series next-generation firewall.
Do you want to increase your knowledge of AWS core services and launch your first web application on the cloud? In this session, we will start our AWS journey by walk you through some fundamentals and AWS core services including Security, Amazon EC2, Amazon S3, Amazon EBS and Amazon VPC. Followed by introduction of AWS Migration Hub which provides a single location to track migration across multiple AWS and partner solutions, giving you visibility into the status of migrations across your portfolio of applications.
Introduction to AWS products, services, and common solutions. Overview of fundamentals to become more proficient in identifying AWS services to help make informed decisions about IT solutions based on business requirements. Helps you get started working on AWS.
AWS Commercial Management and Cost Optimisation - Dec 2017Amazon Web Services
Â
Technical levers and strategic mechanisms for AWS Commercial Management and Cost Optimisation. Includes 2017 commercially relevant updates.
Speaker: Peter Shi, Commercial Architect, BD AWS APAC
This presentation covers AWS foundational services such as Amazon EC2, Amazon S3 and Amazon RDS as well as an introduction to AWS deployment tools and techniques and the next steps that you can take to continue developing your knowledge.
Module 2: AWS Foundational Services - AWSome Day Online ConferenceAmazon Web Services
Â
Module 2: AWS Infrastructure â Compute, Storage and Networking
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
Stack Mastery: Create and Optimize Advanced AWS CloudFormation Templates - DE...Amazon Web Services
Â
AWS CloudFormation gives you an easy way to define your infrastructure as code. But are you using it to its full potential? In this workshop, we take real-world architecture from a sandbox template to production-ready reusable code. We start by reviewing an initial template, which you update throughout the session to incorporate AWS CloudFormation features, like nested stacks and intrinsic functions. By the end of this workshop, expect to have a set of AWS CloudFormation templates that demonstrate the same best practices used in AWS Quick Starts.
A laptop (Windows, macOS, or Linux) with the AWS CLI or AWS Tools for Windows PowerShell installed and your favorite text editor (e.g. Atom, VS Code, Sublime).
Design, Build, and Modernize Your Web Applications with AWSDonnie Prakoso
Â
Cloud makes it super easy for you to spin off your desired IT resources. But, the true value of cloud lies in its capability to provide you a set of building blocks for your applications. Join us in this hands-on session to understand how to use Amazon Virtual Private Cloud (VPC) and Amazon Elastic Compute Cloud (EC2) along with Amazon EC2 Auto Scaling and Elastic Load Balancer to design your scalable architecture and build your applications in no time. Moreover, we will discover how to modernize your application with the help of our serverless service AWS Lambda.
In this session, dive deep on best practices and considerations for running Microsoft SQL Server on AWS. Learn how to choose between Amazon EC2 and Amazon RDS, and understand how to optimize the performance of your SQL Server deployment for different application types. We review in detail how to provision and monitor your SQL Server databases and how to manage scalability, performance, availability, security, and backup and recovery in both Amazon RDS and Amazon EC2.
How to Cost-Optimize Your Microsoft Workloads on AWS (WIN201) - AWS re:Invent...Amazon Web Services
Â
In this session, we cover practical steps for cost-optimizing your Microsoft workloads on AWS from both a licensing and infrastructure perspective. We discuss ways to diversify and optimize your current licensing investments, how to think strategically about licensing in the cloud, and how to bring your own licenses to AWS. We also cover a variety of additional cost optimization features and approaches, and we explain how these can be applied to Microsoft-specific workloads.
Design, Deploy, & Optimize SQL Server Workloads - SRV209 - Chicago AWS SummitAmazon Web Services
Â
In this session, dive deep on best practices and considerations for running Microsoft SQL Server on AWS. Learn how to choose between Amazon EC2 and Amazon RDS, and understand how to optimize the performance of your SQL Server deployment for different application types. We review in detail how to provision and monitor your SQL Server databases and how to manage scalability, performance, availability, security, and backup and recovery in both Amazon RDS and Amazon EC2.
Similar to Amazon EC2 and Amazon VPC Hands-On Workshop (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Â
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, lâutilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalitĂ Server...Amazon Web Services
Â
La varietĂ e la quantitĂ di dati che si crea ogni giorno accelera sempre piĂš velocemente e rappresenta una opportunitĂ irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantitĂ di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma lâelasticitĂ del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dellâinfrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende piĂš semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilitĂ , la velocitĂ di rilascio e, in definitiva, ci ha consentito di creare applicazioni piĂš affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
Â
Lâutilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question â how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
⢠PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
⢠Scope
⢠Features
⢠Tech overview and Demo
The role of the Cloud
The Future of APIs
⢠Complying with regulation
⢠Monetizing data / APIs
⢠Business models
⢠Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica lâofferta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Â
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Â
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilitĂ del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Â
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilitĂ messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledÏ 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ⢠on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphereŽ e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilitĂ ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Â
Molte aziende oggi, costruiscono applicazioni con funzionalitĂ di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessitĂ di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalitĂ di QLDB.
Con lâascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono piĂš importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi dâuso creando API moderne con funzionalitĂ di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud⢠on AWS: i miti da sfatareAmazon Web Services
Â
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilitĂ ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno lâarchitettura e dimostreranno come sfruttare a pieno le potenzialitĂ di VMware Cloud ⢠on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o piÚ dei tuo container.
1. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Hands-on Workshop
Amazon EC2 and Amazon VPC
Anson Shen â Solutions Architect
Sebastien Linsolas â Solutions Architect
Herman Mak â Associate Solutions Architect
2. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Overview
3. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Run applications â
reliably and securely
Provision network, compute,
storage and database services in the
cloud with the click of a button
Everything youâd want to do
in a traditional datacenter
What is Amazon Web Services (AWS)?
4. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Products
5. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
18 Regions â 55 Availability Zones â 136 Edge PoPs
AWS Global Infrastructure
6. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Global Infrastructure
Regions
Geographic locations
Consists of two or more Availability Zones (AZs)
Availability Zone (AZ)
One or more data centers
Isolated from failures in other Availability Zones
7. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AZ â Availability Zone
Single
digit
ms
Network
multiple tier-1 transit providers
Power
isolated electrical grids, UPS, onsite backup generator
Geo
isolated fault lines flood plains
Network
multiple tier-1 transit providers
Power
isolated electrical grids, UPS, onsite backup generator
Geo
isolated fault lines flood plains
8. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Edge Locations
136 AWS Edge Locations:
Local points-of-presence commonly supporting AWS
services including:
⢠Amazon Route 53
⢠Amazon CloudFront
9. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Elastic Compute
Cloud (EC2)
10. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Elastic Compute Cloud (EC2)
Resizable compute capacity
Complete control of your computing resources
Reduces the time required to obtain and boot new
server instances to minutesAmazon
EC2
11. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EC2 Facts
Scale capacity as your computing requirements change
Pay only for capacity that you actually use
Choose Linux or Windows
Deploy across AWS Regions and Availability Zones for reliability
12. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Launching an Amazon EC2 Instance via the Web
Console
1. Determine the AWS Region in which you want to launch
the Amazon EC2 instance.
2. Launch an Amazon EC2 instance from a pre-configured
Amazon Machine Image (AMI).
3. Choose an instance type based on CPU, memory,
storage, and network requirements.
4. Configure network, IP address, security groups, storage
volume, tags, and key pair.
13. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Machine Image (AMI) Details
An AMI includes the following:
A template for the root volume for the instance (for
example, an operating system, an application server, and
applications).
Launch permissions that control which AWS accounts can
use the AMI to launch instances.
A block device mapping that specifies the volumes to
attach to the instance when it's launched.
14. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EC2 Instances
OS, Applications,
& Configuration
AMI
Running or
Stopped VM
Instances
AZ
VPC
Region
EBS
S3
EBS
Snapshots
S3 Buckets
EBS EBS EBS EBS EBS
AZ
Instances Instances
15. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS vs. Amazon EC2 Instance Store
Amazon EBS
⢠Data stored on an Amazon EBS volume can persist
independently of the life of the instance.
⢠Storage is persistent.
Amazon EC2 Instance Store
⢠Data stored on a local instance store persists only as long as
the instance is alive.
⢠Storage is ephemeral.
16. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Marketplace â IT Software Optimized for the
Cloud
An online store to discover, purchase,
and deploy IT software on top of the
AWS infrastructure.
⢠Catalog of 2300+ IT software solutions
⢠Including Paid, BYOL, Open Source,
SaaS, & free to try options
⢠Pre-configured to operate on AWS
⢠Software checked by AWS for security and
operability
⢠Deploys to AWS environment in minutes
⢠Flexible, usage-based billing models
⢠Software charges billed to AWS account
Includes AWS Test Drive
17. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Choosing the Right Amazon EC2 Instance
EC2 instance types are optimized for different use cases and come in
multiple sizes. This allows you to optimally scale resources to your
workload requirements.
AWS uses IntelÂŽ XeonÂŽ processors for EC2 instances, providing
customers with high performance and value.
Consider the following when choosing your instances: Core count,
memory size, storage size and type, network performance, and CPU
technologies.
Hurry Up and Go Idle - A larger compute instance can save you time
and money, therefore paying more per hour for a shorter amount of
time can be less expensive.
18. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Current Generation Instances
Instance Family Some Use Cases
General purpose (t2, m4, m3)
⢠Low-traffic websites and web applications
⢠Small databases and mid-size databases
Compute optimized (c4, c3)
⢠High performance front-end fleets
⢠Video-encoding
Memory optimized (x1e, x1, r4)
⢠High performance databases
⢠Distributed memory caches
Storage optimized (i3, d2, h1)
⢠Data warehousing
⢠Log or data-processing applications
GPU instances (p3, g3)
⢠3D application streaming
⢠Machine learning
19. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
C4.xlarge (Compute-Optimized)
FamilyGeneration
TypeFamily
20. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
M2
2nd Generation
Compute
M4
4th Generation
Compute
Upgrade
21. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Instance Metadata & User Data
Instance Metadata:
Is data about your instance.
Can be used to configure or manage a running
instance.
Instance User Data:
Can be passed to the instance at launch.
Can be used to perform common automated
configuration tasks.
Runs scripts after the instance starts.
22. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Retrieving Instance Metadata
To view all categories of instance
metadata from within a running
instance, use the following URI:
http://169.254.169.254/latest/meta-
data/
On a Linux instance, you can use:
⢠$ curl http://169.254.169.254/latest/meta-data/
⢠$ GET http://169.254.169.254/latest/meta-data/
All metadata is returned as text
(content type text/plain).
23. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Adding User Data
You can specify user data when launching an
instance.
User data can be:
⢠Linux script â executed by cloud-init
⢠Windows batch or PowerShell scripts â executed by
EC2Config service
User data scripts run once per instance-id by default.
24. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
User Data Example Linux
User data shell scripts must start with the #!
characters and the path to the interpreter you
want to read the script.
Install Apache web server
Enable the web server
Start the web server
#!/bin/sh
yum -y install httpd
chkconfig httpd on
/etc/init.d/httpd start
25. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
User Data Example Windows
<powershell>
Import-Module ServerManager
Install-WindowsFeature web-server, web-webserver
Install-WindowsFeature web-mgmt-tools
</powershell>
Import the Server Manager module
for Windows PowerShell.
Install IIS
Install Web Management Tools
26. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EC2 Purchasing Options
On-Demand
Instances
Pay by the hour.
Reserved
Instances
Purchase at
significant
discount.
Instances are
always available.
1-year to 3-year
terms.
Scheduled
Instances
Purchase a 1-
year RI for a
recurring period of
time.
Spot Instances
Highest bidder
uses instance at a
significant
discount.
Spot blocks
supported.
Dedicated
Hosts
Physical host is
fully dedicated to
run your
instances. Bring
your per-socket,
per-core, or per-
VM software
licenses to reduce
cost.
27. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Simple Storage Service (S3)
Amazon S3
Storage for the Internet
Natively online, HTTP/HTTPS, REST API access
Store and retrieve any amount of data, any time,
from anywhere on the web
Highly scalable, reliable, fast and durable
Designed to deliver 99.999999999% Durability
28. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Common Use Scenarios
Storage and Backup
Application File Hosting
Media Hosting
Software Delivery
Log files
Store AMIs and Snapshots
29. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 Concepts
Amazon S3 stores data as objects
within buckets
An object is composed of a file and
optionally any metadata that describes
that file
You can have up to 100 buckets in each
account
You can control access to the bucket
and its objects
Amazon
S3
Bucket
with
Objects
Bucket
Object
30. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 Security
You can control access to buckets and objects with:
⢠Identity and Access Management (IAM) policies
⢠Access Control Lists (ACLs)
⢠Bucket policies
You can upload or download data to Amazon S3 via SSL
encrypted endpoints.
You can encrypt data at rest using Amazon S3 SSE
You can encrypt data at client side using AWS SDKs.
31. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 + Amazon Glacier
S3 Lifecycle policies allow you to delete or move
objects based on age and set rules per S3 bucket.
bucket with
objects
30 Days
Glacier
archive
365 Days
32. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon S3 Pricing
Pay only for what you use
No minimum fee
Prices based on location of your Amazon S3 bucket
Estimate monthly bill using the AWS Simple Monthly Calculator
Pricing is available as:
⢠Storage Pricing
⢠Request Pricing
⢠Data Transfer Pricing: data transferred out of Amazon S3
33. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Elastic Block Store (EBS)
Persistent block level storage volumes offering
consistent and low-latency performance
⢠Automatically replicated within its Availability
Zone
⢠Independent lifecycle
⢠Attach to instance one at a time
⢠Snapshots stored durably in Amazon S3
Amazon
EBS
34. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS Use Cases
OS â Use for boot/root volume, secondary volumes
Databases â Scales with your performance needs
Enterprise applications â Provides reliable block storage to run
mission-critical applications
Business continuity â Minimize data loss and recovery time by
regularly backing up using EBS Snapshots
35. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS Lifecycle
Vast amounts of
unused space Create
Call CreateVolume
1 GB to 16 TB
Attach
Call AttachVolume to affiliate with
one Amazon EC2 instance
Attached
and
In Use
⢠Format from Amazon EC2
instance OS
⢠Mount formatted drive
CreateSnapshot
Snapshot to
Amazon S3
Detach
Call DetachVolume
Deleted
Call DeleteVolume
36. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS Facts
You can create:
⢠EBS Magnetic volumes from 1 GiB to 1 TiB in size.
⢠EBS General Purpose (SSD) and Provisioned IOPS (SSD) volumes
up to 16 TiB in size.
You can use encrypted EBS volumes to meet a wide range
of data at-rest encryption requirements for
regulated/audited data and applications.
You can create point-in-time snapshots of EBS volumes,
which are persisted to Amazon S3.
37. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS Pricing
* Check Amazon EBS Pricing page for current pricing for all regions.
Pay for what you provision:
Pricing based on region
Review Pricing Calculator online
(https://calculator.s3.amazonaws.com/index.html)
Pricing is available as:
â˘Storage
â˘IOPS
38. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon EBS and Amazon S3
Amazon EBS Amazon S3
Paradigm Block storage with file system Object store
Performance Very fast Fast
Redundancy Across multiple servers in an
Availability Zone
Across multiple facilities in a
Region
Security EBS Encryption â Data volumes
and Snapshots
Encryption
Access from the
Internet?
No (1) Yes (2)
Typical use case It is a disk drive Online storage
(1) Accessible from the Internet if mounted to server and set up as FTP, etc.
(2) Only with proper credentials, unless ACLs are world-readable
39. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Networking
Amazon VPC
40. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Virtual Private Cloud (VPC)
Provision a private, isolated virtual network on the
AWS cloud.
Have complete control over your virtual
networking environment.
Amazon
VPC
41. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon Virtual Private Cloud (VPC)
Your own logically isolated section of AWS
Bring your own network:
⢠IP Addresses
⢠Subnets
⢠Network Topology
⢠Routing Tables
Multiple Connectivity Options
Advanced Security Features
42. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Networking Building Blocks
Availability Zone BAvailability Zone A
⢠Bring your own network
Your Network goes here
VPC â Virtual Private Cloud
43. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPCs and Subnets
A subnet defines a range of IP addresses in your VPC.
You can launch AWS resources into a subnet that you
select.
A private subnet should be used for resources that wonât
be accessible over the Internet.
A public subnet should be used for resources that will be
accessed over the Internet.
Each subnet must reside entirely within one Availability
Zone and cannot span zones.
44. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Networking Building Blocks
⢠Bring your own network
⢠Create your own subnets
Availability Zone BAvailability Zone A
VPC Subnet VPC Subnet
VPC â Virtual Private Cloud
45. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Amazon VPC Example
Availability Zone A
Virtual Private Cloud
AWS Cloud
Public Subnet
Internet
Virtual Private Cloud
Availability Zone B
Private Subnet
Availability Zone C
VPN Only Subnet
DB Server DB Server
App Server
DB Server DB Server
DB Server
Web Server Web Server
NAT
Customer
Network
R
46. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
AWS Cloud
Public Subnet
Private Subnet
VPC â Virtual Private Cloud
Corporate Datacenter
VPC
172.16.0.0/16
192.168.0.0/16
10.0.10.0/16
10.0.20.0/16
47. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Each subnet can have a
unique Route Table
Direct traffic out of the VPC
⢠IGW
⢠VGW
⢠VPC Endpoints
⢠Direct Connect
⢠VPC Peering
AWS Cloud
Public Subnet
Private Subnet
VPC â Virtual Private Cloud
Corporate Datacenter
VPC
172.16.0.0/16
192.168.0.0/16
10.0.10.0/16
10.0.20.0/16
48. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
VPC â Virtual Private Cloud
Public Subnet
Private Subnet
Inbound Network ACL
Source Protocol L4 Port Action
10.0.10.0/0 TCP MySQL 3306 Allow
* * * * Deny
10.0.10.0/24
10.0.30.0/24
Outbound Network ACL
Destination Protocol L4 Port Action
10.0.10.0/0 TCP * * Allow
* * * * Deny
TCP 3306 *
49. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Optional level of security
⢠By default, allow all traffic
Subnet level inspection
Stateless
IP and TCP/UDP port based
Supports allow and deny rules
⢠Deny all at the end
VPC â Virtual Private Cloud
Public Subnet
Private Subnet
Inbound Network ACL
Source Protocol L4 Port Action
10.0.10.0/0 TCP MySQL 3306 Allow
* * * * Deny
10.0.10.0/24
10.0.30.0/24
Outbound Network ACL
Destination Protocol L4 Port Action
10.0.10.0/0 TCP * * Allow
* * * * Deny
TCP 3306 *
50. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Public Subnet â Web/App Tier
Private Subnet â DB Tier
TCP 443
TCP 3306
Inbound Security Group SG-DatabaseTier
Traffic from Protocol L4 Port Action
SG-WebTier MySQL TCP 3306 Allow
* * * * Deny
Inbound Security Group SG-WebELB
Traffic from Protocol L4 Port Action
0.0.0.0/0 HTTPS TCP 443 Allow
* * * * Deny
Anything Else
Inbound Security Group SG-WebTier
Traffic from Protocol L4 Port Action
SG-WebELB HTTP TCP 80 Allow
* * * * Deny
TCP 80
TCP 3306
TCP 80
TCP 80
TCP 3306
51. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Inbound / Outbound
Instance level inspection
⢠Microsegmentation
⢠Mandatory, all instances
have an associated
Security Group
Stateful
Can be cross referenced
⢠Works across VPC Peering
Only supports allow rules
⢠Implicit deny all at the end
Network Building Blocks
Public Subnet â Web/App Tier
Private Subnet â DB Tier
TCP 443
TCP 3306
Inbound Security Group SG-DatabaseTier
Traffic from Protocol L4 Port Action
SG-WebTier MySQL TCP 3306 Allow
* * * * Deny
Inbound Security Group SG-WebELB
Traffic from Protocol L4 Port Action
0.0.0.0/0 HTTPS TCP 443 Allow
* * * * Deny
Anything Else
Inbound Security Group SG-WebTier
Traffic from Protocol L4 Port Action
SG-WebELB HTTP TCP 80 Allow
* * * * Deny
TCP 80
TCP 3306
TCP 80
TCP 80
TCP 3306
52. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Public Subnet
Private IP: 10.0.20.9
Private Subnet
VPC â Virtual Private Cloud
AWS Cloud
Internet Gateway
Private IP: 10.0.10.6
Public Internet
Elastic IP: 198.51.100.2
Private IP: 10.0.10.7
Private IP: 10.0.20.9
53. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Public Subnet
Private IP: 10.0.20.9
Private Subnet
VPC â Virtual Private Cloud
AWS Cloud
Internet Gateway
Private IP: 10.0.10.6
Public Internet
Elastic IP: 198.51.100.2
Private IP: 10.0.10.7
Private IP: 10.0.20.9
54. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
Public Subnet
Private IP: 10.0.20.9
Private Subnet
VPC â Virtual Private Cloud
AWS Cloud
Internet Gateway
Private IP: 10.0.10.6
Public Internet
Elastic IP: 198.51.100.2
Private IP: 10.0.10.7
Private IP: 10.0.20.9
55. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
IGW - Internet Gateway
⢠One per VPC
⢠Horizontally scaling
⢠Redundant
⢠Highly available
EIP - Elastic IPs
⢠Public IP address
⢠Can be re-associated
Public Subnet
Private IP: 10.0.20.9
Private Subnet
VPC â Virtual Private Cloud
AWS Cloud
Internet Gateway
Private IP: 10.0.10.6
Public Internet
Elastic IP: 198.51.100.2
Private IP: 10.0.10.7
Private IP: 10.0.20.9
56. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
VPN Connections
VPN Connectivity option Description
AWS Hardware VPN
You can create an IPsec, hardware VPN connection
between your VPC and your remote network.
AWS Direct Connect
AWS Direct Connect provides a dedicated private
connection from a remote network to your VPC.
AWS VPN CloudHub
You can create multiple AWS hardware VPN
connections via your VPC to enable communications
between various remote networks.
Software VPN
You can create a VPN connection to your remote
network by using an Amazon EC2 instance in your VPC
thatâs running a software VPN appliance.
57. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
AWS Cloud
VPC â Virtual Private Cloud
Corporate Datacenter
Amazon S3
DynamoDB
API Gateway
Other AWS Services
Virtual Private Gateway (VGW)
Customer Gateway (CGW)
VPN Connection
2x IPSEC Tunnel
58. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
How to connect my Datacenter to AWS?
One VGW per VPC
Redundant VPN Tunnels
⢠Terminating in different AZs
IPSec
⢠AES 256-bit encryption
⢠SHA-2 hashing
Scalable
BGP or Static Routing AWS Cloud
VPC â Virtual Private Cloud
Corporate Datacenter
Amazon S3
DynamoDB
API Gateway
Other AWS Services
Virtual Private Gateway (VGW)
Customer Gateway (CGW)
VPN Connection
2x IPSEC Tunnel
59. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Network Building Blocks
DirectConnect Location
VPC â Virtual Private Cloud
AWS Cloud Corporate Datacenter
DirectConnect
Customer Gateway
WAN
Amazon S3
DynamoDB
API Gateway
Public VIF
Other AWS Services
Private VIF
VGW
60. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Plan your VPC IP space before creating it
IP Addressing
⢠Consider future AWS region expansion
⢠Consider future connectivity to corporate networks
⢠Consider subnet design
⢠VPC can be /16 between and /28
⢠CIDR cannot be modified once created
⢠But you can add new CIDRs to expand the VPC IP addressing
⢠Overlapping IP spaces = future headache
61. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Course Wrap-Up
62. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Expand Your Cloud Skills with AWS
Certification
aws.amazon.com/certification
Online videos and
labs
aws.amazon.com/training/se
lf-paced-labs/
www.aws.training
Instructor-led courses
63. Š 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS Certification
For more information, see aws.amazon.com/certification